1.25.0 (2023-06-17)

  • Add support for cryptography 41, acme 2.6.0 and celery 5.3.

  • Update the Docker image to use Alpine Linux 3.18.

  • Add support for adding the Certificate Policy and Issuer Alternative Name extensions when creating certificate authorities or end-entity certificates via the command-line.

  • Add support for adding the Extended Key Usage, Issuer Alternative Name and Subject Alternative Name extensions when creating certificate authorities.

  • Add support for overriding the Authority Information Access, CRL Distribution Points and OCSP No Check extensions when creating end-entity certificates via the command-line.

  • Add support for string formatting operations on URL paths (see String formatting in URIs) in Authority Information Access and CRL Distribution Point extensions.

  • Add a temporary pip extra psycopg3 for using Psycopg 3. This extra will be removed once support for Django 3.2 is removed. Psycopg 3 will be required in the postgres extra from then on.

  • Fix import parameters to manage.py import_ca.

  • Further standardizing the command-line interface, some options for manage.py init_ca and manage.py edit_ca are renamed. See the update notes for more information.

Backwards incompatible changes

  • Drop support for acme 2.3.0 and cryptography 38.

  • The CA_DIGEST_ALGORITHM setting was removed. Use CA_DEFAULT_SIGNATURE_HASH_ALGORITHM instead.

  • The CA_DEFAULT_ECC_CURVE setting was removed. Use CA_DEFAULT_ELLIPTIC_CURVE instead.

  • Support for non-standard algorithm names for the --algorithm argument was removed.

  • Support for non-standard elliptic curve names via the --elliptic-curve argument was removed.

  • Support for custom signature hash algorithms in CRLs was removed. The algorithm used for signing the certificate authority is now always used.

  • The old alias --ecc-curve for --elliptic-curve was removed.

Deprecation notices

  • This is the last release to support cryptography 37 and cryptography 39.

  • This is the last release to support acme 2.4.0.

  • This is the last release to support celery 5.1.

  • Support for non-standard algorithm names in profile settings will be removed in django-ca 1.27.0.

  • Several options manage.py init_ca and manage.py edit_ca are renamed, old options will be removed in django-ca 1.27.0. See the update notes for more information.